This book constitutes the refereed proceedings of the 5th International Workshop on Visualization for Cyber Security held on September 15, 2008, in Cambridge, Massachusetts, USA, in conjunction with the 11th International Symposium on Recent Advances in Intrusion Detection (RAID).
The 18 papers presented in this volume were carefully reviewed and selected from 27 submissions. VizSec research has focused on helping human analysts to detect anomalies and patterns, particularly in computer network defence. This year paper focus on bridging the gap between visualization and automation.
Visual Reverse Engineering of Binary and Data Files.- Effective Visualization of File System Access-Control.- Visual Analysis of Program Flow Data with Data Propagation.- A Term Distribution Visualization Approach to Digital Forensic String Search.- GARNET: A Graphical Attack Graph and Reachability Network Evaluation Tool.- A Graph-Theoretic Visualization Approach to Network Risk Analysis.- Improving Attack Graph Visualization through Data Reduction and Attack Grouping.- Show Me How You See: Lessons from Studying Computer Forensics Experts for Visualization.- A Task Centered Framework for Computer Security Data Visualization.- BGPeep: An IP-Space Centered View for Internet Routing Data.- Large-Scale Network Monitoring for Visual Analysis of Attacks.- Visualizing Real-Time Network Resource Usage.- Wireless Cyber Assets Discovery Visualization.- NetFlow Data Visualization Based on Graphs.- Backhoe, a Packet Trace and Log Browser.- Existence Plots: A Low-Resolution Time Series for Port Behavior Analysis.- Using Time Series 3D AlertGraph and False Alert Classification to Analyse Snort Alerts.- Network Traffic Exploration Application: A Tool to Assess, Visualize, and Analyze Network Security Events.